1. Field of the Invention
The present invention relates to an authority delegate system capable of transferring the authority of a user who accesses a protected resource to another entity, a server system in the authority delegate system, and a control method for controlling the authority delegate system.
2. Description of the Related Art
As cloud computing has come into general use, there are more and more opportunities to create added value by allowing a plurality of services to cooperate with one another. By allowing the services to cooperate with one another, a service provider can provide added value to users. On the other hand, some issues arise from cooperation of the services.
More specifically, these issues include security problems, such as more information than the users desire being exchanged among the services, and issues relating to transmission and reception of user data or personal information. For example, a plurality of services exists on the Internet, and service cooperation may be realized among various services, but services other than those which the users desire should not be allowed to operate on the user data or personal information.
Further, from the viewpoint of service providers, a mechanism for service cooperation that can be easily implemented is favorable. In such a situation, a standard protocol called OAuth has been formulated for realizing cooperation of authorization.
OAuth is an open standard for authorization that allows users to share their private resources (e.g. photos, videos, contact lists) stored on one site with another site without having to hand out their credentials, typically supplying tokens instead of a username and password. According to OAuth, for example, in a case where an external service B accesses data managed by a service A, explicit authorization of the user is supposed to be obtained after the range within which the data is accessed from the external service B has been made clear. When the user authorizes the access, the external service B receives a token which proves that the access has been accepted (hereinafter, authorization token), and subsequent access can be realized using the authorization token.
Japanese Patent Application Laid-Open No. 2009-129214 discusses a technique in which a delegate source terminal determines whether attribute information of a user of a delegate destination terminal satisfies a service providing condition, and if the condition is satisfied, issues an authorization token for an accessible resource to the delegate destination terminal.
The use of an authorization token allows access to the service A by the authority of the user who has performed authorization. However, since the external service B has received authorization from the user and acquired the authorization token, the external service B has a responsibility to strictly and properly manage the authorization token.
Among services in recent years, there is a type of service that analyzes data which a user has and provides added value to the user. For example, an access analysis service for a website analyzes data (an access log) which a user has, and can thereby provide the user with guidelines for updating the website.
By authorizing an access analysis operator to view an access log in this way, a user can enjoy such services. On the other hand, since the access log is also an important resource of the user, it is not preferable that arbitrary access analysis operators can view the access log of the user. In such a case, instead of authorizing the external service B to view the access log managed by the service A, the user needs to give authorization to each individual access analysis operator that acquires the access log utilizing the external service B.
In the conventional method such as the one discussed in Japanese Patent Application Laid-Open No. 2009-129214, it is possible to give authorization to allow the access log managed by the service A to be viewed from the external service B. Further, validity of a token user can also be confirmed at the time of token issuance. However, control relating to sharing at the time of usage of the issued authorization token is not available. Therefore, the usage range of the authorization token cannot be changed in a flexible way, and the method lacks convenience.
Further, if there is a plurality of access analysis operators from which the user desires to request an analysis of the access log, it becomes necessary to perform the authorization operation individually for each. As a result, there is a problem that the more operators there are, the less convenient the operation becomes.
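The limitation described above, where a token authorized for the external service B is checked at issuance but cannot be restricted to a particular operator at the time of use, is illustrated by the following added example (not part of the original text). The class names, the scope string "accesslog:read", the client name "service-b", the operator names and the log lines are all constructed for illustration.

```python
import secrets
import time


class ServiceA:
    """Holds the user's access log and issues/validates authorization tokens."""
    def __init__(self):
        # Constructed sample data.
        self._logs = {"alice": ["GET /index.html 200", "GET /pricing 200"]}
        self._grants = {}  # token -> grant record

    def authorize(self, user, client, scope, ttl=3600):
        """The user explicitly approves `client` for `scope`; a token results."""
        token = secrets.token_urlsafe(32)
        self._grants[token] = {"user": user, "client": client,
                               "scope": frozenset(scope), "expires": time.time() + ttl}
        return token

    def read_access_log(self, token):
        grant = self._grants.get(token)
        if grant is None or grant["expires"] < time.time():
            raise PermissionError("invalid or expired token")
        if "accesslog:read" not in grant["scope"]:
            raise PermissionError("token scope does not cover the access log")
        # A sees only the token: the client is service B, the operator is unknown.
        return list(self._logs[grant["user"]])


class ServiceB:
    """External service that keeps the token and serves several operators."""
    def __init__(self, service_a):
        self._a = service_a
        self._tokens = {}  # user -> token held on the user's behalf

    def store_token(self, user, token):
        self._tokens[user] = token

    def fetch_log(self, operator, user):
        # `operator` is never forwarded, so A cannot enforce a per-operator rule.
        return self._a.read_access_log(self._tokens[user])


def demo():
    a = ServiceA()
    b = ServiceB(a)
    b.store_token("alice", a.authorize("alice", "service-b", ["accesslog:read"]))
    chosen = b.fetch_log("operator-x", "alice")    # operator the user wanted
    unchosen = b.fetch_log("operator-y", "alice")  # operator the user never chose
    return chosen, unchosen
```

Both calls in `demo()` return the same log, because the only checks service A can make at usage time are token validity and scope.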